Drag and drop a DICOM file or folders of DICOM files (nested is ok).
Or click to choose files.
Or try one of these:

US-test.dcm CT-test.dcm CXR-test.dcm Mammo-test.dcm zip-test.zip

Anonymize DICOM with AWS Lambda

This proof-of-concept takes advantage of serverless computing to perform DICOM file anonymization. This also showcases the considerable number of DICOM file manipulations that can be performed client side in a browser.
Choose a DICOM file, folder of nested DICOM files, or a zip archive, and click "Anonymize" to kick off the process. Here's what will happen:

  1. The input DICOM file headers are parsed in the browser before upload, and some headers are displayed
  2. Upon clicking "Anonymize", a request is made to AWS API Gateway, which proxies the request to an AWS Lambda function. This function generates pre-signed upload credentials for AWS S3, or Simple Storage Service.
  3. The client page then uses the pre-signed upload credentials to send the DICOM data to S3 securely (via SSL/HTTPS). As soon as the upload completes, the anonymization Lambda function is triggered.
  4. The anonymization Lambda function contains an instance of the RSNA DicomAnonymizerTool, which is used within the Clinical Trials Processor to perform anonymization. The function loads the DICOM data from S3.
  5. Upon receiving the image data, the file is immediately anonymized and loaded back into S3. The original (non-anonymized) data is immediately deleted.
  6. While the Lambda function is processing the data, the client polls S3 for the completed file. Once finished, the file is downloaded and displayed in the page.
Some important points:
  • This is for demonstration/testing purposes only. Do not upload files containing Protected Health Information as defined by HIPAA. If you don't know what that is, this tool probably isn't for you.
  • However, if used in a properly managed healthcare environment with appropriate HIPAA logging and other standard security practices, this tool would conform to HIPAA PHI protection requirements when used with an AWS account having a signed BAA in place. The data is encrypted in transit via SSL/HTTPS, anonymized immediately and PHI is not stored anywhere outside the client machine.
  • The source code is here.